DialogNauka executed the project on implementation of HP of ArcSight ESM in JSC Rostelecom

June 01, 2015. The DialogNauka company announced implementation for the Corporate center JSC Rostelecom of a subsystem of registration and accounting of events based on HP ArcSight ESM.

Choosing a Solution

For the purpose of increase in level of information security JSC Rostelecom made the decision to hold a competition on creation of a subsystem of registration and accounting of events based on HP ArcSight ESM. The purpose of the competitive project was determination of the contractor who will be able to provide accomplishment of a complex of works on implementation of HP of ArcSight ESM for the corporate center JSC Rostelecom. According to the results of the held competition by the contractor capable to fulfill all project requirements for JSC Rostelecom and having necessary competence, there was a DialogNauka company.

Project Progress

According to effective objectives, the new subsystem had to provide to JSC Rostelecom a possibility of registration of events of cybersecurity and conducting investigations of incidents of information security at emergence of the following violations of security policy: leak of confidential information on network channels; viral infections and epidemics; the confirmed network attacks on internal and external nodes of macroregional branches (MRF) of JSC Rostelecom; unauthorized access to information or components of an information system (such as operating systems, application software, network equipment, DBMS); violation of integrity of the processed information; unauthorized copying of information on external carriers and other violations of cybersecurity.

Work on creation and implementation of a subsystem of registration and accounting of events was carried out by a team of specialists of DialogNauka in several steps:

• preproject inspection;
• engineering design on creation of a subsystem;
• development of incident management processes of information security;
• implementation of a subsystem based on HP ArcSight;
• development of operational documentation;
• trial operation of the implemented solution.

Preproject inspection was a starting stage of execution of the project and included creation of the list of sources of events of cybersecurity, the developed regulating documents and also objects connected to the developed subsystem. According to the received results of inspection engineering design on creation of a subsystem of registration and accounting of events based on the HP solution of ArcSight was carried out.

Result

On end of a stage of engineering design by specialists of JSC DialogNauka the regulating documents regulating incident management processes of information security and also defining a notification order about incidents of cybersecurity of CC of JSC Rostelecom were developed. The subsequent implementation of a subsystem happened on the territory of the customer according to all requirements determined by the technical plan for creation of a subsystem of registration and accounting of events of information security.

Carrying out trial operation of the HP ArcSight system in the course of which functionality of the implemented solution were tested became a final stage of implementation. Based on trial operation by specialists in information security of JSC Rostelecom the conclusion was drawn that all components of installed solution function in the normal mode and completely conform to requirements of technical specifications, representatives of the company integrator reported TAdviser.

The completed project was commented by Victor Serdyuk, the CEO of JSC DialogNauka: "At the moment DialogNauka is the first in Russia and the CIS countries the company which has the status of the platinum partner of HP company in category of HP Enterprise Security. For us a great honor to perform works on data protection for the benefit of JSC Rostelecom. In return we thank Rostelecom company and its specialists for the rendered assistance in system implementation of monitoring of HP of ArcSight ESM and we hope for continuation of cooperation in the future".